IBM WebSphere Application Server Liberty Profile
Amazon EC2 Installation Guide
2. Launching an instance
In order to launch IBM WebSphere Application Server (referred as WAS), a few settings need to be configured on the AWS console as follows. The instructions for launching an instance differ depending on where you launch from. Initially you will launch the instance from the AWS Marketplace.
2.1 From the AWS Marketplace
- Select the IBM WebSphere Product based on your requirements in the AWS Marketplace;
- Click on the link to go to that versions page in AWS Marketplace;
- Check the 'Other Versions' link to see other versions available (you can select the actual version later).
- Under 'Pricing Details' panel select your Region and either Hourly or Yearly fees.
- Click on the 'Continue', button to go to the '1-Click Launch' tab on the configuration page;
- On the 'Software Pricing' panel choose your instance type and pricing type;
- On the 'Version' panel, select the fix pack version you require;
- On the 'Region' panel, select the Region you require;
- On the 'EC2 Instance Type' panel, choose the instance type. The
m1.mediumtype or larger is recommended when running IBM WebSphere Application Server Liberty Profile. Larger instances may be required based on the number of IBM WebSphere application servers etc required and the expected resource use of each;
- On the 'VPC Settings' panel Configure the VPC settings to your requirements or leave the defaults;
- On the 'Security Group' panel, specify the security group. The security group needs to permit to following ports [note that the internal firewall will be configured later to permit only ports used by WebSphere]:
Port 22 to connect via SSH (enabled by default), Port 9080 to connect to the helloworld application in Liberty Profile Port 9090 to reach RapidDeploy web console, Port 20000 and 20100 to open for RapidDeploy Remote Agent (optional),
- If you don't already have a security group as above, go to your EC2 Control Panel and select 'Security Groups' under 'Network & Security'
- Click 'Create Security Group' button
- To open all ports, Click 'Add Rule'.
- In the 'Type' dropdown, Specify 'All TCP' or your preferred configuration.
- In the 'Source' dropdown, Specify 'Anywhere' or your preferred configuration.
- On the 'Key Pair' panel, select a key pair to use. You will need this key later to connect to the instance.
- Scroll back to the top of the page and click 'Accept Software Terms and Launch with 1-Click'.
- The Instance will be Launched.
2.2 From The AWS EC2 Console
- Select the IBM WAS AMI based on your requirements;
- Right click on the AMI, or from the drop down menu, choose the ‘
- Choose the instance type. The
m1.mediumtype or larger is recommended when running IBM WebSphere Application Server Liberty Profile.
m1.smallis the minimal requirement. Larger instances may be required based on the number of IBM WebSphere application servers etc required and the expected resource use of each;
- Specify the security group. The security group needs to permit to following ports:
FAST PATH: Specify a security group that opens all TCP ports from Anywhere
3. Initial login
midvision’ user, using the key you selected above. For example:Once the instance has started up (you can see it by having " 2/2 checks passed " in EC2 console).
- From the EC2 console by clicking the "
Connect to your instance" button with username "
midvision", using the previously (instance launch-time) selected
- Via SSH from your desktop, for example
ssh -i ./MidVisionUSMC.pem firstname.lastname@example.org
- From the EC2 console by clicking the "
- You should see the MidVision banner and then you are placed in a setup wizard.
Welcome to __ __ _ ___ ___ _ ____ _ _ | \/ (_) __| \ \ / (_)___(_) ___ _ __ / ___| | ___ _ _ __| | | |\/| | |/ _` |\ \ / /| / __| |/ _ \| '_ \ _____| | | |/ _ \| | | |/ _` | | | | | | (_| | \ V / | \__ \ | (_) | | | |_____| |___| | (_) | |_| | (_| | |_| |_|_|\__,_| \_/ |_|___/_|\___/|_| |_| \____|_|\___/ \__,_|\__,_| A MidVision Service * WebSite: http://portal.midvision.com/page/cloud-applications * Support: http://support.midvision.com/redmine/projects/devtestcloud * Wiki: http://support.midvision.com/redmine/projects/devtestcloud/wiki Welcome, this is DevTestCloud Websphere Application Server image first run configuration Note that you can rerun this configuration wizard again by executing /home/midvision/firstrunsetup.sh script Configuration steps 1. Set RapidDeploy framework initial password 2. Open ports on RHEL firewall
- Set initial password for RapidDeploy user "mvadmin".
- Choose which ports to open on Red Hat Linux firewall. You should open port 9080 to use the default installed helloworld application and port 9090 for the RapidDeploy web console if required.
[return], which will pick the default value displayed at the end of the question. Please refer to IBM documentation for WebSphere Application Server configuration.
4. Accessing the installation
4.1 Accessing the Hello World application
http://[publicip]:9090/MidVisionNote: make sure you have port 9090 open in your Security group when trying to access RapidDeploy web console. For the first time, you can set the password for the default username "
mvadmin". You can prevent auto starting RapidDeploy on instance startup by removing it from the system chkconfig list.
[midvision@ ] sudo chkconfig --del rapiddeploy
4.3 Subsequent logins via SSH to the instanceWhen logging into the instance after the first time, you will be asked if you wish to enter the console menu. Selecting ‘Y’ places you in a management console. Selecting ’N’ will take you to a command prompt. You can access the menu at any time by typing ‘
menu’ at the command prompt. In the menu context, after first login you should perform the following actions:
- Change the public IP address from the default 'localhost' to your IP address. Note that if you use an elastic IP, this is a one off operation. If you do not use an elastic IP, you'll need to do this each time you start the server. Select option three from the main menu as highlighted below
Main Application Administration Menu on ip-172-31-44-143 ======================================================== Please select from list 1. Display Status for ip-172-31-44-143 2. Manage Websphere Liberty Profile 3. Change public IP Address 4. Open Firewall Port on ip-172-31-44-143 5. Help for the Management menu x. Quit >3
- After changing the IP address, restart the server. To do this, elect option two(2) from the main menu and then stop and start the server (option one(1) then option two(2)).
WebSphere Administration Menu on ip-172-31-44-14 ================================================= Please select from list 1. Stop Liberty Profile Server: defaultServer 2. Start Liberty Profile Server: defaultServer 3. Liberty Profile Server Status: defaultServer 4. Select Liberty Profile Server: Current Server: defaultServer 5. Liberty Profile Version 6. Liberty Profile Validation 7. Liberty Profile Features x. Quit >
5. Maintaining the installation
5.1 Changing RapidDeploy initial passwordFor security reasons, you will need to change the default password (default value is '
mvadmin') for user
mvadmin. This will be requested the first time only when you log in to the instance.
5.2 Using the menu scriptThe menu script is a useful tool to manage your WebSphere Liberty profile image. Access it by typing ‘
menu’ on the command line. Use the "
Display Status" menu to display the state of IBM WebSphere liberty profile servers Use the "
Manage WebSphere" menu to select, stop and start IBM WebSphere liberty profile servers Use the “
Change IP” Menu to assign a new public IP address to this host. You will need to run this each time you start this host without a bound elastic IP address. Use the "
Open Firewall port" menu to open new firewall ports on this host for any new IBM WebSphere Liberty Profile servers you add.
- midvision: This is the default user, which you can log in as. It is permitted to use all SUDO rights. To switch to the root user, type "
- root: This is the superuser in linux systems. You can log in as any other user without using passwords. E.g: "
su ec2-user", "
- ec2-user: This user does not have SUDO rights. If you want to switch back to root user, type "
exit", this will take you back to the previous user session.
5.4 Opening Red Hat Entreprise Linux firewall with the open-firewall.sh scriptRHEL instances are shipped with a firewall by default to protect your machine. For security reasons, the instance is only accessible via SSH (port 22) at first, so further ports can be opened on the firewall as needed. You will need to open all the ports in this internal firewall, which you have open in your Security group. There is a script placed in the user home of midvision (/
home/midvision), which is also the starting location when logged in. You will need to be the root user to run this script. Example usage:
[midvision@ ] sudo ./open-firewall.sh 9090 Open firewall port 9090 iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
5.5 Starting and stopping RapidDeploy manuallyTo restart RapidDeploy manually from the filesystem, use the rapiddeploy linux service. The RapidDeploy version is 3.4.9. RapidDeploy home is located at
[midvision@ ] sudo service rapiddeploy start [midvision@ ] sudo service rapiddeploy stop
5.6 Files used for DevTestCloud servicesThere are a few scripts and other files in midvision and root users home directory, which will need to remain unchanged in order to keep the provided scripts working. There are a set of scripts in midvision home directory. Those scripts are executed when logging into the instance controlled by .bash_profile, but you can also execute them manually whenever they are needed. There are some hidden files used as well,
.firstrunindicates that the setup wizard has already run once,
.hostfile is needed to determine the previously bound hostname to WebSphere service.